ISO 27001 Information Security

Made: 01-01-2013 | Laid: 01-01-2013 | Forced: 01-01-2022

Overview


ISO 27001 is one of the most widely recognised international standards for Information Security management. With increasing concerns about data security, its use is now confirmed as a major pillar in supply chain security and customer assurance. Applying the 27001 Standard to your management system will enable you to:

  • Continually seek methods to eliminate and reduce information security risks, which will improve your performance now and in the future 
  • Reassure your workers and interested parties that you are putting information security issues high on your agenda, and continually seek to improve what you do
  • Provide regulators with assurance that you comply with Information Security legislation and other requirements that relate to security, such as data protection and GDPR

The principal objective of an Information Security management system that uses the 27001 requirements is that data remains confidential and available where needed, and that its integrity is maintained.

Please also note that there are other related standards that bolt on specific management issues (e.g. ISO 27701: Security techniques for privacy information management), and also Cyber Essentials, a UK-centred scheme managed by the UK National Cyber Security Centre, which provides a baseline management system.

Please note that the ISO 27001 Standard was updated in 2022.

Requirements



Updates & Amendments



Typical Tasks Required



Useful Information

